- Aug 15, 2018
- 634
I would love to see the default deny protection of Comodo in action against the Scorpion Malware.
Can anyone please test Comodo against the famous Scorpion malware and share the results?
- Thread starter Wraith
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Jul 6, 2017
- 2,392
- Nov 19, 2014
- 2,350
- Jan 25, 2016
- 125
If I remember correctly, using the the cs settings+disabled file rating, it will run the same. Video will start in full screen but it will not do anything after that. You can close the video via ctrl+alt+tab
if you select block option in the sandbox settings it wont be able to start
- Jul 6, 2017
- 2,392
I don't know if this is the virus. What do you say?
Antivirus scan for 4ea1f2ecf7eb12896f2cbf8683dae8546d2b8dc43cf7710d68ce99e127c0a966 at 2019-01-11 15:19:32 UTC - VirusTotal
Antivirus scan for 4ea1f2ecf7eb12896f2cbf8683dae8546d2b8dc43cf7710d68ce99e127c0a966 at 2019-01-11 15:19:32 UTC - VirusTotal
- Apr 28, 2015
- 8,915
I don't think so, because that one is detected by Kaspersky, and Scorpion 3.1 still is not detected, still waiting final verdict after 12 hours
- Jul 6, 2017
- 2,392
This one I've tried does exactly that. It opens a full-screen road video Comodo virtualizes it. and closes with ctrl + alt + tab closes.
this can an old variant of the same family.
- Oct 22, 2016
- 409
I don't know if this is the virus. What do you say?
Antivirus scan for 4ea1f2ecf7eb12896f2cbf8683dae8546d2b8dc43cf7710d68ce99e127c0a966 at 2019-01-11 15:19:32 UTC - VirusTotal
It does not seem to me the same.
- Jul 6, 2017
- 2,392
- May 29, 2018
- 2,728
Windows smartscreen is going to prevent it from running, so no need for comodo
And if you deny smartscreens prompt > comodo for sure is going to sandbox it. But you dont benefit from the sandbox in this case , because you already didnt believe smartscreen wich did same as comodo did now
Now you just clear the sandbox , remove file as suggested and youre fine
But if you run the file against comodo antivirus, sandbox disabled it would be different case
I dont understand why it should be tested against this
And if you deny smartscreens prompt > comodo for sure is going to sandbox it. But you dont benefit from the sandbox in this case , because you already didnt believe smartscreen wich did same as comodo did now
Now you just clear the sandbox , remove file as suggested and youre fine
But if you run the file against comodo antivirus, sandbox disabled it would be different case
I dont understand why it should be tested against this
- Dec 15, 2018
- 158
Where is the default deny feature of "Comodo" found? Forgive my ignorance. Is it part of Defense+?
What I'm really asking is, is it a part of the AV or FW or CIS or what?
What I'm really asking is, is it a part of the AV or FW or CIS or what?
Last edited:
- Jul 6, 2017
- 2,392
Last edited:
- Jan 25, 2016
- 125
I've been sending this item to them multiple times and yet didn't receive any "human" response from them.I don't think so, because that one is detected by Kaspersky, and Scorpion 3.1 still is not detected, still waiting final verdict after 12 hours
- Aug 15, 2018
- 634
That's really impressive to be honest as it implies that COMODO was actually able to protect the system. From the results at MT it looks like Scorpion is really a sophisticated malware since it trashes vm's even when they are in shadow mode using shadow defender. After restarting from shadow mode users are greeted with a black screen.
Similar threads
